This website uses cookies to ensure you get the best experience on our website. Learn more
Modern Password Protection Requires MFA
Microsoft found passwords are attacked 1287 times per second. The number of attacks on the password mean the password is more vulnerable than ever. Modern Active Directory password protection must include a layered approach. Specops Secure Access adds this important MFA layer to the Windows logon, RDP and VPN authentications. Together with Specops Password Policy, organizations can ensure their Active Directory password defenses are more complete.
-
Increase Security for Windows Logon, RDP and VPN connections
- Secure authentications at the Windows logon (and unlock) screens with a second factor to better protect against password attacks
- Add a second layer to VPN connections in Windows environments, ensuring the user connecting to your network is who they say they are
- Harden Remote Desktop Protocol connections with a second factor to better secure remote access
-
Fulfill compliance and cybersecurity insurance requirements
- Ensure your cybersecurity insurance rates remain reasonable or avoid being denied coverage
- Fulfill cybersecurity compliance requirements like that of NIST and PCI
- Comply with privacy regulations like GDPR and HIPAA
-
Offline mode ensures access to your network and end user devices remains protected at all times
- Offline authentication methods like OTP authenticators ensure end users can authenticate even during connection interruptions
Customer Reviews From Gartner Peer Insights
See what satisfied customers on Capterra had to say after buying and deploying Specops Password Auditor.
Our company needed a way to protect our staff and IT staff from vishing impersonation calls as well as harden our password policy compliance so we could get our ISO 2700 certification. Specops provided all the tools we need all in one package.”
IT Security and Risk Management
The deployment process was easy with the assistance offered. The software itself is powerful and helps us meet regulatory criteria.
Banking Industry
Features
We help increased your defenses against Active Directory password attacks with another layer of protection with MFA for Windows Logon, RDP and VPN, making it harder for attackers to gain unauthorized access to your network.
- Enforce MFA for Windows logon, adding a second factor to the Active Directory logon
- Enable MFA for Virtual Private Network (VPN) connections that support the RADIUS protocol
- Apply MFA for Remote Desktop Protocol (RDP) connections, strengthening remote access security
- Allow users to authenticate with biometrics or push notifications without an existing 3rd party identity service with the included Specops:ID mobile app
- Allow users to authenticate with text message, hardware tokens like Yubikey, or 3rd party providers like Microsoft Authenticator and Google Authenticator
- Secure offline logons with One-Time-Passcode (OTP) authentication
- Customizable “remember me” settings to reduce the number of MFA prompts a user experiences at logon/unlock, VPN or RDP
- Granular, GPO-driven targeting for any GPO level, computer, user, or group population
Try Specops Secure Access for free
Modern password security requires more than just password protections. See how Specops Secure Access can fit with your organization and reduce your attack surface with one simple Active Directory based MFA step.
Need more info?
FAQs
What is Specops Secure Access?
Specops Secure Access is a multi-factor authentication (MFA) solution that adds an additional security layer to Windows logon, Remote Desktop Protocol (RDP), and RADIUS connections e.g. VPN, Remote Desktop Gateway Services. It helps organizations strengthen access controls in hybrid environments and meet compliance requirements.
What MFA methods does Specops Secure Access support?
Specops Secure Access allows users to authenticate with their mobile device Biometrics using the Specops:ID mobile app. Secure Access also has flexible 2nd factor options they can use Yubikeys, mobile SMS message, or 3rd party providers like Microsoft Authenticator and Google Authenticator. Offline authentication is also available using one-time password (OTP) via those authenticator apps or using Yubikey.
Can Specops Secure Access work offline?
Yes. The solution supports offline authentication via OTP authenticators or Yubikey, ensuring users can securely log in even without a network connection.
How do users enroll in Specops Secure Access?
Enrollment is guided automatically upon a user’s first authentication attempt through the Specops Client. Administrators can also utilise existing enrollments from other Specops Authentication products for password resets or encryption key recovery.
Is Specops Secure Access compatible with other Specops products?
Yes. It integrates seamlessly with other Specops products, such as Specops Password Policy and Specops uReset.
How does MFA at Windows logon work?
Once the Specops Client is installed and configured, users enter their Windows passsword and are then prompted for the second authentication factor before gaining access to their desktop.
Can Specops Secure Access be used for remote connections?
Yes. Organizations using VPN or RDP can enable MFA for remote connections via RADIUS.
Does Specops Secure Access support biometric authentication?
Yes. Users can authenticate biometrically using the Specops:ID mobile app.
What are the system requirements for deploying Specops Secure Access?
Specops Secure Access requires a Windows Server to host the Gatekeeper, which connects to Active Directory. Client computers must be domain-joined Windows 10 or Windows 11 devices with the Specops Client and CefSharp runtime installed. The system must have internet access to reach the Specops Cloud when enrolling. Integration with RADIUS (Windows NPS Server) is supported for VPN and RDP authentication scenarios. Multiple Gatekeepers can be deployed for redundancy.
What is the administrator experience like?
Secure Access can be customized to align with organizational needs. Administrators can apply custom branding such as logos and colors, adjust MFA and authentication policies, and configure trusted networks. The solution also allows customization of SMTP and email settings, as well as delegation of administrative roles and scopes within Active Directory.
Can Secure Access be customized?
Secure Access can be customized to align with organizational needs. Administrators can apply custom branding such as logos and colors, adjust MFA and authentication policies, and configure trusted networks. The solution also allows customization of SMTP and email settings, as well as delegation of administrative roles and scopes within Active Directory.
What kind of support or documentation is available?
Specops provides comprehensive support resources for Secure Access, including detailed installation and administration guides, troubleshooting articles, and release notes. Additional documentation, product datasheets, and a searchable knowledge base are available on the Specops website. Customers can also contact the Specops Support team or their product specialist for technical assistance.
Downloads and resources
- [New research] Are VPN passwords secure? Two million malware-stolen passwords say no.
Today, the Specops research team is publishing new data on VPN passwords that have been stolen by malware. In total, our threat intelligence research team found 2,151,523 VPN passwords that have been compromised by malware over the past year. These are all real stolen passwords chosen by end users to access VPNs, and they all… - NIS2, passwords, and MFA: Everything you need to know
MFA and password security are key considerations in several regulatory frameworks, and NIS2 is no different. The NIS2 Directive is an important piece of legislation for anyone working in cybersecurity across the European Union. The latest updates to the NIS2 (Network and Information Systems) regulations were published in the Official Journal of the European Union…